Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 22 Aug 2001 08:34:11 -0500
From:      "Guy Helmer" <ghelmer@palisadesys.com>
To:        <dan@langille.org>, <security-officer@FreeBSD.ORG>
Cc:        <security@FreeBSD.ORG>
Subject:   RE: FreeBSD Security Advisory FreeBSD-SA-01:55.procfs
Message-ID:  <HEEHKIJOHDLFOOEBABJICEDNCAAA.ghelmer@palisadesys.com>
In-Reply-To: <3B82E2D3.823.D177AF1@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help 
Dan Langille wrote:
> On 21 Aug 2001, at 13:39, FreeBSD Security Advisories wrote:
>
> > # cd /usr/src/sys
> > # patch -p < /path/to/patch
>
> [dan@xeon:/usr/src/sys] $ sudo patch -p < /usr/patches/procfs.patch
> Hmm...  Looks like a unified diff to me...
> The text leading up to this was:
> --------------------------
> |Index: sys/i386/linux/linprocfs/linprocfs_vnops.c
> |===================================================================
> |RCS file:
> /usr2/ncvs/src/sys/i386/linux/linprocfs/Attic/linprocfs_vnops.c,v
> |retrieving revision 1.3.2.4
> |retrieving revision 1.3.2.5
> |diff -u -r1.3.2.4 -r1.3.2.5
> |--- sys/i386/linux/linprocfs/linprocfs_vnops.c 2001/06/25
> 19:46:47     1.3.2.4
> |+++ sys/i386/linux/linprocfs/linprocfs_vnops.c 2001/08/12
> 14:29:19     1.3.2.5
> --------------------------
> File to patch:
>
> Is it just me or is this becoming a recurring theme?  *grin*
>
> I volunteer to test every patch, given that I seem to be the first to
> report the problem.
>
> The patch works if you cd /usr/src, not /usr/src/sys

It is my sense from reading some other vendor's advisories (namely RedHat)
that advisories go through internal review and correction prior to release.
A quick review process by a small group of interested security-minded folks
could help catch minor typos like this one.  Would security-officer be
willing to setup a private mail list for a small group of interested people
and give them a few hours to review proposed advisories prior to release?

Guy


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?HEEHKIJOHDLFOOEBABJICEDNCAAA.ghelmer>